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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 
All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
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DETAILED ACTION 

1. Claims 1-8, 10, 12-15, 17, and 19-23 are allowed. 

EXAMINER'S AMENDMENT 

The term "storage media" found in the claims has been Interpreted in view of 
current case law to include only "non-transitory computer readable storage media" 

1 . An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Mr. James J. Stewart on 12/17/2009. 

2. Please replace paragraph [00010] as follows: 
IN THE SPECIFICATION: 

[00010] The invention Is a message targeting and filtering system and method 
based on an extreme application of distributed database technology In which the central 
database service defines a uniform data format or "schema," but is otherwise relegated 
to a subordinate role in which it performs only storage and clearinghouse functions that 
do not require unencrypted data access. All database functions requiring unencrypted 
data access, including modification, querying and schema migration of data records, are 
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delegated to client-side software agents deployed on devices under the personal control 
of individual database subjects. The invention contemplates various methods of data 
security and various methods of anonymous payments for message consumption by 
way of machine-executable medium storage media comprising instructions executed by 
a machine (alternatively referred to herein as machine-accessible medium comprising 
content that, when accessed by a machine, causes the machine to perform recited 
steps), e.g. classic computer software operating to specially alter or adapt a general- 
purpose computer to serve a special inventive purpose. 



3. 



Please replace claims as follows: 
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1 . (Previously presented) A secure nnessaging_system comprising: 

a personal record comprising a personal profile about a subject and a message 

filtering policy determined by the subject; 

an anonymity service, the anonymity service being an intermediary between the 

subject and a message sponsor, the message sponsor desiring to send a message to 

the 

subject based on the personal record; 

a message deposit sent to the anonymity service by the message sponsor 
wherein the message deposit comprises the message, a message targeting 
specification, and a message profile; 

a database maintained by the anonymity service, the personal record being 
stored in the database in an encrypted state, the anonymity service having an access to 
the personal record only in the encrypted state; 

a resident application residing on a client device under control of the subject, the 
resident application managing access to the personal record in an unencrypted state by 
use of a security element including an encrypted private key; 

a quarantine memory, the quarantine memory being a secure area of system 
memory on the client device; and 

a session agent configured to perform a database operation on the personal 
record in the unencrypted state in the quarantine memory, 

wherein the resident application, the quarantine memory and the session agent 
all reside on the client device under control of the subject, and 

wherein the resident application, the quarantine memory and the session agent 
collectively secure the personal record and the private key in an unencrypted state 
against access by the anonymity service. 
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2. (Original) The system of claim 1 wherein the database operation comprises: 

a database query which compares the message profile to the message filtering 
policy; and 

a database query which compares the personal profile to the message targeting 
specification. 

3. (Original) The system of claim 1 further comprising: 

a query result sent to the anonymity service from the resident application; 

a message delivery sent from the anonymity service to the resident application; 

and 

a delivery confirmation sent from the resident application to the anonymity 
service. 

4. (Original) The system of claim 1 wherein the database operation comprises a 
data record modification. 

5. (Original) The system of claim 1 wherein the database operation comprises a 
schema migration. 

6. (Original) The system of claim 1 further comprising a delivery notification sent 
from the anonymity service to the sponsor wherein the delivery notification comprises: 

an anonymous proof of delivery; 

an anonymous response from the subject; and 

an anonymous payment record. 

7. (Previously presented) The system of claim 2 further comprising an interactive 
response from the subject. 
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8. (Currently amended) A secure messaging method comprising: 

maintaining a personal record belonging to a subject in a centralized database in 
an encrypted form, the personal record comprising a personal profile and a message 
filtering policy; [[and]] 

distributing a database operation from the centralized database to a client device, 
wherein the database operation is performed on the personal record in an unencrypted 
form in a quarantine memory at the client device by use of a security element including 
an encrypted private key securely maintained by and accessible only to the subject 
such that the encrypted private key is inaccessible to the anonymity service , and 
wherein distributing the database operation from the centralized database to the client 
device comprises: 

downloading a session agent bv a resident application, the resident 
application being resident on the client device, the session agent comprising 
a software update, the personal record, and the security element including the 
encrypted private key, and 

performing a database guery by the session agent on the personal 
record in an unencrypted form: and 
establishing an intermediary between the subject and a message sponsor for the 
purpose of allowing the message sponsor to send a message to the subiect based on 
the personal profile while maintaining an anonymity of the subject . 

9. (Canceled) 

1 0. (Original) The method of claim 8 wherein the client device comprises a device 
capable of sending and receiving a signal over a digital network, the client device being 
under a physical control of the subject. 



1 1 . (Canceled) 
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1 2. (Currently amended) The method of claim [[1 1 ]]8 wherein establishing the 
intermediary between the subject and the message sponsor comprises: 

receiving a message deposit from the message sponsor, the message deposit 
comprising a message, a message targeting specification, and a message profile; 

negotiating permission to deliver the message to the subject; 

delivering the message to the subject; 

receiving a delivery confirmation from the subject; and 

sending the delivery confirmation to the message sponsor while maintaining an 
anonymity of the subject. 

1 3. (Original) The method of claim 1 2 wherein negotiating permission to deliver the 
message comprises: 

performing a targeting database query wherein the message targeting 
specification is compared to the personal profile; and 

performing a filtering database query wherein the message filtering policy is 
compared to the message profile. 

14. (Original) The method of claim 12 further comprising: 
accounting for a message charge to the message sponsor; 
accounting for a message credit to the subject; 

communicating the message charge to an external payment system; and 
communicating the message credit to an external payment system. 
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15. (Currently amended) A mach i n e e x e cutab le m e d i um Storage media comprising 
instructions that, when executed by a machine, cause the machine to: 

maintain a personal record belonging to a subject in a centralized database in an 
encrypted form, the personal record comprising a personal profile and a message 
filtering policy; [[and]] 

distribute a database operation from the centralized database to a client device, 
wherein the database operation is performed on the personal record in an unencrypted 
form in a quarantine memory at the client device by use of a security element including 
an encrypted private key securely maintained by and accessible only to the subject 
such that the encrypted private key is inaccessible to all others , and wherein causing 
the machine to distribute the database operation from the centralized database to the 
client device comprises causing the machine to: 

download a session agent bv a resident application, the resident 
application being resident on the client device, the session agent comprising 
a software update, the personal record, and the security element including the 
encrypted private key, and 

perform a database query bv the session agent on the personal record in 
an unencrypted form; and 
establish an intermediary between the subject and a message sponsor for the 
purpose of allowing the message sponsor to send a message to the subject based on 
the personal profile while maintaining an anonymity of the subiect . 

16. (Canceled) 

17. (Currently amended) The mach i n e e xecutabl e m e d i um storage media of claim 
15 wherein the client device comprises: 

a device capable of sending and receiving a signal over a digital network, the 
client device being under a physical control of the subject. 



18. (Canceled) 
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1 9. (Currently amended) The mach i n e e x e cutab le m e d i um storage media o f claim 
[[18]] 15 wherein causing the machine to establish the intermediary between the subject 
and the message sponsor comprises causing the machine to: 

receive a message deposit from the message sponsor, the message deposit 
comprising a message, a message targeting specification, and a message profile; 

negotiate permission to deliver the message to the subject; 

deliver the message to the subject; 

receive a delivery confirmation from the subject; and 

send the delivery confirmation to the message sponsor while maintaining an 
anonymity of the subject. 

20. (Currently amended) The machine cxccutob l o med i um storage media of claim 
19 wherein causing the machine to negotiate permission to deliver the message 
comprises causing the machine to: 

perform a targeting database query wherein the message targeting specification 
is compared to the personal profile; and 

perform a filtering database query wherein the message filtering policy is 
compared to the message profile. 

21 . (Currently amended) The mach i n e -e x e cutab le m e d i um storage media of claim 
19 further comprising causing the machine to: 

account for a message charge to the message sponsor; 
account for a message credit to the subject; 

communicate the message charge to an external payment system; and 
communicate the message credit to an external payment system. 

22. (Previously Presented) The system of claim 1 wherein the quarantine memory at 
least temporarily contains the personal record in an unencrypted state and a private key 
also in an unencrypted state. 
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23. (Previously Presented) The system of claim 22, wherein the quarantine memory 
contents including the personal record and the private key are deleted at an end of a 
client session. 
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4. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to MOHAMMAD A. SIDDIQI whose telephone number is 
(571)272-3976. The examiner can normally be reached on Monday -Thursday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nathan J. Flynn can be reached on (571) 272-1915. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated Information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

MS 

/NATHAN FLYNN/ 

Supervisory Patent Examiner, Art Unit 2454 



